package com.example.securityproject.demos.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

/*
 * @description: 跨域处理
 * @author: Jiangjb
 * @date: 2024/4/11 10:41
 **/
@Configuration
public class CorsConfig {
    @Bean
    public CorsFilter corsFilter() {
        CorsConfiguration config = new CorsConfiguration();
        // 配置允许的原始域名，可以设置为 "*" 表示允许所有域名
        config.addAllowedOrigin("*");
        // 配置允许的请求方法，例如 GET、POST 等
        config.addAllowedMethod("*");
        // 配置允许的请求头部信息
        config.addAllowedHeader("*");
        // 配置是否允许发送 Cookie
        config.setAllowCredentials(true);
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", config);
        return new CorsFilter(source);
    }
}
